Problem Description
Denial-of-service vulnerability in 3D-acceleration feature
VMware ESXi, Workstation and Fusion contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader. Successfully exploiting this issue may allow an attacker with normal user privileges in the guest to make the VM unresponsive, and in some cases, possibly result other VMs on the host or the host itself becoming unresponsive.
Relevant Products
- VMware vSphere ESXi (ESXi)
- VMware Workstation Pro / Player (Workstation)
- VMware Fusion Pro, Fusion (Fusion)
NO patches have been released yet to cover this issue.
Workaround
ESXi
With Host Client or vCenter, go to the individual VM > configure > hardware > video card >
3D Graphics –> Check if “3D Graphics” is enabled.
OR
Go to individual VMX file and then check for “mks.enable3d”, if the VMs have the option
“mks.enable3d=TRUE”, then 3D-acceleration feature is enabled
Workstation
– Select virtual machine and select VM > Settings.
– On the Hardware tab, select Display
If the “Accelerate 3D graphics” is checked then 3D-acceleration feature is enabled.
Fusion
-From the VMware Fusion menu bar, select Window > Virtual Machine Library.
-Select a virtual machine and click Settings.
-In the Settings Window > select Display.
If the “Accelerate 3D graphics” is checked then 3D-acceleration feature is enabled.
Use this simple PowerCLi script to check if you have VMs with 3D acceleration enabled, if the script returns no value this means that non of your VMs use 3D acceleration.
Get-View -ViewType VirtualMachine -Property Name,Config.Hardware.Device | `
ForEach-Object {
$VM = $_
$VM.Config.Hardware.Device | `
Where-Object {$_.GetType().Name -eq “VirtualMachineVideoCard”} | `
Select-Object -property @{N=”VM”;E={$VM.Name}},Enable3DSupport
} | Where-Object {$_.Enable3DSupport}
For more information:
https://www.vmware.com/security/advisories/VMSA-2018-0025.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6977